Serial No. 10/764,966 
Amendment and Response to 
Final Office Action Mailed December 6, 2007 



AMENDMENTS TO THE CLAIMS 

Please cancel claims 4, 6, 22, and 28 and amend claims 1, 13, 18, 21, 23, 31, and 36. 
A listing of all claims and their current status in accordance with 37 C.F.R. § 1.121(c) is 
provided below. 

1 . (Currently amended) A method of initializing a first security module in a 
computer, the method comprising the acts of: 

determining if the first security module is a controlling security module or a 

subordinate security module; 
generating at least one key if the first security module is the controlling security 

module; [[and]] 

receiving at least one key from a second security module within the computer if the 

first security module is the subordinate security module; 
measuring the computer once the at least one key is generated; and 
copying the measurement of the computer into the subordinate security module . 

2. (Previously presented) The method, as set forth in claim 1, comprising the 
act of initializing the first and second security modules in the computer so that the first 
security module has at least one common key with the second security module. 

3. (Previously presented) The method, as set forth in claim 1, wherein the first 
security or second security module comprises a trusted platform module (TPM). 
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4. (Canceled) 

5. (Currently amended) The method, as set forth in claim L[[4]], wherein the 
controlling security module measures the computer. 

6. (Canceled) 

7. (Original) The method, as set forth in claim 1 , wherein the at least one key 
comprises an endorsement key. 

8. (Original) The method, as set forth in claim 1 , wherein the at least one key 
comprises a private key and a public key. 

9. (Previously presented) The method, as set forth in claim 1 , comprising the 
act of accessing a lock bit to determine if the first security module is the controlling security 
module or the subordinate security module. 

10. (Previously presented) The method, as set forth in claim 9, wherein the lock 
bit is a setting within memory of the computer. 

1 1 . (Previously presented) The method, as set forth in claim 1 0, comprising 
accessing the lock bit via a bus coupled to the first security module and the memory or via a 
bus and a input/output controller coupled between the first security module and the memory. 
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12. (Previously presented) The method, as set forth in claim 10, comprising the 
act of determining if the first security module in the system is initialized. 

1 3 . (Currently amended) A first security module in a computer, comprising: 
a detector that is adapted to determine if the first security module is a 

controlling security module or a subordinate security module; 
a key generator that generates a key for the first security module if the first 

security module is the controlling security module; and 
a key receiver that receives the key from a second security module within the 

computer if the first security module is the subordinate security 

module; 

' wherein the controlling security module is adapted to measure the computer, 
and wherein the measurement of the computer obtained by the 
controlling security module is subsequently copied into the subordinate 
security module . 

14. (Previously presented) The first security module set forth in claim 13, 
wherein the first security module comprises a trusted platform module ("TPM"). 

15. (Previously presented) The first security module set forth in claim 14, 
wherein the first security module is adapted to determine if the first security module has 
undergone TPM initialization. 



Page 4 of 14 



Serial No. 10/764,966 
Amendment and Response to 
Final Office Action Mailed December 6, 2007 

16. (Previously presented) The first security module, as set forth in claim 14, 
wherein the key comprises an endorsement key. 

1 7. (Previously presented) The first security module, as set forth in claim 1 4, 
wherein the key comprises a private key. 

18. (Currently amended) The first security module set forth in claim 13, wherein 
the first security module is adapted to measure [[a]] the computer if the first security module 
is the controlling security module. 

19. (Previously presented) The first security module set forth in claim 1 3, 
wherein the first security module is adapted to access a lock bit to determine if the first 
security module is the controlling security module or the subordinate security module. 

20. (Previously presented) The first security module set forth in claim 19, 
comprising accessing the lock bit via a bus coupled to the first security module and memory 
or via a bus and a input/output controller coupled between the first security module and the 
memory. 

2 1 . (Currently amended) A first security module in a computer, comprising: 
means for determining if the first security module is a controlling security module or a 

subordinate security module; 
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means for generating at least one key for the first security module if the first security 

module is the controlling security module; and 
means for receiving at least one key from a second security module within the 

computer if the first security module is the subordinate security module; 
wherein the controlling security module is adapted to measure the computer, and 

wherein the measurement of the computer obtained by the controlling security 

module is subsequently copied into the subordinate security module . 

22. (Canceled) 

23. (Currently amended) A computer, comprising: 
a processor; 

memory operatively coupled to the processor; 

a first security module and a second security module, each operatively coupled to the 
processor and the memory, the first and second security modules being 
configured to: 

determine whether the first security module or the second security module is a 
controlling security module or a subordinate security module; 

generate at least one key for the first security module or the second security module 
depending on whether the first security module or the second security module 
is the controlling security module; and 
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r e c e iving receive at least one key from the first security module or the second security 
module depending on whether the first security module or the second security 
module is the subordinate security module; 

wherein the controlling security module is adapted to measure the computer, and 

wherein the measurement of the computer obtained by the controlling security 
module is subsequently copied into the subordinate security module . 

24. (Previously presented) The computer set forth in claim 23, wherein the first 
security module and the second security module each comprise a trusted platform module 
("TPM"). 

25. (Previously presented) The computer set forth in claim 24, wherein the at 
least one key comprises an endorsement key. 

26. (Previously presented) The computer set forth in claim 24, wherein the at 
least one key comprises a private key and a public key. 

27. (Previously presented) The computer set forth in claim 23, wherein the first 
security module and the second security module are each adapted to determine if the first 
security module has undergone TPM initialization and if the second security module has 
undergone TPM initialization. 

28. (Canceled) 
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29. (Previously presented) The computer set forth in claim 23, wherein the first 
security module and the second security module are adapted to access a lock bit to determine 
if the first security module is the controlling security module or the subordinate security 
module and to determine if the second security module is the controlling security module or 
the subordinate security module. 

30. (Previously presented) The computer set forth in claim 23, wherein the 
memory and the first security module are connected together on a bus and communicate 
through a bridge with the processor. 

3 1 . (Currently amended) A method of initializing a plurality of security modules 
in a computer, the method comprising the act of: 

initializing each of the plurality of security modules so that each of the plurality of 
security modules has at least one common ke y, wherein initializing each of the plurality of 
security modules includes designating at least one of the plurality of security modules as 
being a controlling security module and designating at least one of the plurality of security 
modules as being a subordinate security module: 

wherein the controlling security module is adapted to measure the computer, and 
wherein the measurement of the computer obtained by the controlling security module is 
subsequently copied into the subordinate security module . 
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32. (Original) The method, as set forth in claim 3 1 , wherein each of the plurality 
of security modules comprises a trusted platform module ("TPM"). 

3 3 . (Previously presented) The method, as set forth in claim 3 1 , comprising 
accessing a lock bit in memory by each of the plurality of security modules if the security 
module has not been initialized. 

34. (Original) The method, as set forth in claim 33, wherein at least one of the 
plurality of security modules is coupled to a bus that connects to the memory. 

35. (Previously presented) The method, as set forth in claim 3 1 , comprising 
booting the computer once the plurality of security modules is initialized. 

36. (Currently amended) A networked computer system comprising: 
a plurality of computers; 

a network coupled to each of the plurality of computers; 
at least one of the plurality of computers comprising: 

a first security module and a second security module, the first and second 
security modules being configured to: 

determine whether the first security module or the second security module is a 
controlling security module or a subordinate security module; 
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generate at least one key for the first security module or the second security 
module depending on whether the first security module or the second 
security module is the controlling security module; and 

r e c e iving receive at least one key from the first security module or the second 
security module depending on whether the first security module or the 
second security module is the subordinate security module; 

wherein the controlling security module is adapted to measure the computer, 
and wherein the measurement of the computer obtained by the 
controlling security module is subsequently copied into the subordinate 
security module . 

37. (Original) The system, as set forth in claim 36, wherein the first and the 
second security modules comprise a trusted platform module ("TPM"). 

38. (Previously presented) The computer set forth in claim 23, comprising non- 
volatile memory operatively coupled to the processor and configured to store data for the 
processor, wherein the memory is configured to store data retrieved from the non-volatile 
memory for use by the processor. 

39. (Previously presented) The computer set forth in claim 23, comprising a video 
controller operatively coupled to the processor and configured to produce a display signal. 
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